PHP - Is PDO::quote safe from SQL injection?

Front-end · unresolved · 3 answers · 1451 views
北恋 2020-12-16 05:01
$id  = trim((int)$_GET['id']);                       // cast to int, then trimmed
$sql = 'SELECT * FROM users WHERE id = ' . $db->quote($id) . ' LIMIT 1';  // and quoted anyway
$run = $db->query($sql)->fetch();
3 answers
  •  被撕碎了的回忆
    2020-12-16 05:28

    What is the point of using trim on an int, and then quoting that value? Since you have an integer value, use it as such:

    $sql = 'SELECT * FROM users where id = ' . $id . ' LIMIT 1';
    

    Instead of blindly quoting everything, just mind the types of your variables and make sure you are not doing stupid things like `$id = trim((int)$_GET['id']);` where `$id = (int)$_GET['id'];` would be more than enough.

    If you are not sure you can manage that, use prepared statements. But please mind what you are coding.
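
The three options discussed above side by side, as an added example that is not code from the question or the answer. It runs against an in-memory SQLite database through PDO so it works offline; the `users` table, its rows and the two attacker inputs (`$attackerId`, `$attackerName`, standing in for `$_GET['id']` and a hypothetical `$_GET['name']`) are constructed for the demo. Two caveats a practitioner should keep in mind: `PDO::quote()` is driver-specific and returns `false` on drivers that do not implement it, and on MySQL its escaping is only correct when the connection character set is declared in the DSN (for example `charset=utf8mb4`), so prepared statements remain the form that needs the least care.

```php
<?php
// Added example (not from the original post): the (int) cast alone, naive
// concatenation of a string, PDO::quote() on that string, and a prepared
// statement, all against the same constructed SQLite table.
declare(strict_types=1);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
$db->exec("INSERT INTO users (id, name) VALUES (1, 'alice'), (2, 'bob'), (3, 'carol')");

// --- Integer id: the cast is the whole defence ------------------------------
$attackerId = '1 OR 1=1';          // constructed stand-in for $_GET['id']
$id = (int)$attackerId;            // (int)'1 OR 1=1' === 1; trim() would add nothing
$rows = $db->query('SELECT * FROM users WHERE id = ' . $id . ' LIMIT 1')
           ->fetchAll(PDO::FETCH_ASSOC);
printf("int cast:      %d row(s)\n", count($rows));

// --- String value: naive concatenation vs PDO::quote() vs prepare() --------
$attackerName = "x' OR 'a'='a";    // constructed stand-in for $_GET['name']

// Vulnerable: the quote inside the input closes the literal and the OR clause
// becomes part of the SQL, so the WHERE condition is true for every row.
$bad  = "SELECT * FROM users WHERE name = '" . $attackerName . "'";
$rows = $db->query($bad)->fetchAll(PDO::FETCH_ASSOC);
printf("concatenated:  %d row(s)\n", count($rows));

// PDO::quote(): returns the value wrapped in quotes with the embedded quote
// escaped for this driver (SQLite doubles it), so the whole input is compared
// as a single string and the OR clause is never parsed as SQL.
$quoted = 'SELECT * FROM users WHERE name = ' . $db->quote($attackerName);
$rows = $db->query($quoted)->fetchAll(PDO::FETCH_ASSOC);
printf("PDO::quote():  %d row(s)\n", count($rows));

// Prepared statement: the value is bound separately from the SQL text and its
// type is declared, so no escaping decision is left to the caller.
$stmt = $db->prepare('SELECT * FROM users WHERE name = :name');
$stmt->bindValue(':name', $attackerName, PDO::PARAM_STR);
$stmt->execute();
printf("prepared str:  %d row(s)\n", count($stmt->fetchAll(PDO::FETCH_ASSOC)));

// The same for the integer id, which is what the answer recommends if you
// would rather not reason about types yourself.
$stmt = $db->prepare('SELECT * FROM users WHERE id = :id LIMIT 1');
$stmt->bindValue(':id', (int)$attackerId, PDO::PARAM_INT);
$stmt->execute();
printf("prepared int:  %d row(s)\n", count($stmt->fetchAll(PDO::FETCH_ASSOC)));
```

Run it with `php example.php` (requires the `pdo_sqlite` extension). The concatenated query is the only one that returns every user; the cast, `quote()` and the prepared statements each confine the input to a single value.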
